<?php
/**
 * Created by PhpStorm.
 * User: jimmyhsu
 * Date: 2016/10/4
 * Time: 下午11:40
 */
include ("conn.php");//连接数据库
include ("SMSVerify.php");
$username=str_replace(" ","",$_POST['name']);//接收客户端发来的username；
$sql="select * from userinfo where name='$username'";
$mobile=$_POST['mobile'];
$verify = new SMSVerify();
if ($_POST['name'] == "") {
    $sql="select * from userinfo where mobile='$mobile'";
    $query=mysql_query($sql);
    if (!$query) {
        echo "no user";
        return;
    }
    $newPwd=md5($_POST['newPwd']);
    $deviceId = $_POST['deviceId'];
    $rs=mysql_fetch_array($query);
    $userId=$rs['id'];
    if ($verify->verify($rs['mobile'], $_POST['code'])) {
        $sql="update userinfo set password = '$newPwd' where userinfo.id = $userId";
        if (mysql_query($sql)){
            echo 'success';
        }else{
            echo 'dbfail'.mysql_err();
        }
    }else{
        echo 'wrong code';
    }
}else {
    $query = mysql_query($sql);
    if (!$query) {
        echo "no user";
        return;
    }
    $rs = mysql_fetch_array($query);
    $deviceId = $_POST['deviceId'];
    $userId = $rs['id'];
    if ($verify->verify($rs['mobile'], $_POST['code'])) {
        $sql = "update userinfo set deviceid = '$deviceId' where userinfo.id = $userId";
        if (mysql_query($sql)) {
            echo 'success';
        } else {
            echo 'dbfail' . mysql_err();
        }
    } else {
        echo 'wrong code';
    }
}

